SonicSpy spyware using Android apps to steal device information

Google has booted out three apps from the Play Store which could steal contacts, call records and messages from Android devices using a spyware named SonicSpy.

SonicSpy can infiltrate Android devices through apps and can send texts, take pictures from phone cameras and capture call records.

In a detailed blog post, security firm Naked Security has described how a new spyware named SonicSpy can infiltrate Android devices and steal sensitive user information without being noticed by users. Researchers at the firm noted that there could be as many as 4,000 Android apps that hide SonicSpy.

Three such apps, namely Soniac, Hulk Messenger, and Troy Chat, were present on the Google Play Store and had been downloaded a few times. However, once security researchers at Naked Security informed Google about the spyware present in these apps, Google booted them out of the Play Store.

However, there are still thousands of apps that are infected by SonicSpy and are available at third-party app stores that do not feature strong security credentials. Android users who download apps from third-party app stores and from the web are particularly vulnerable to the spyware.

Android device users are unable to detect the presence of SonicSpy since it removes its launch icon to hide itself after installation. Once it obtains data from an Android device, the spyware sends that data to a command and control server owned by its creator.

To ensure they are not affected by such spyware, Naked Security suggests that Android device users stick to the Google Play Store, not only because it has a strong malware-filtering mechanism, but also because it can boot out existing apps if they are found to contain malware or trojans.

Third-party app stores do not have strong security mechanisms in place and are not as regular in sending out security patches and updates to users. As such, they act as hubs for malware that cannot otherwise get past Google's Play Store or Apple's App Store.

The researchers are also advising users not to download new apps on work phones before checking their history, so as to ensure they are not inadvertently downloading unwanted malware. At the same time, phone buyers must choose devices that come with faster and more effective patching of vulnerabilities. For example, BlackBerry's latest Android phones come with 'zero day' patches, which means that BlackBerry passes on patches to users as soon as they are made available by Google.

About The Author

Jay Jay is a freelance technology writer for teiss. He has previously written news articles, device reviews and features for Mobile Choice UK website and magazine, as well as writing extensively for SC Magazine UK, Tech Radar, Indian Express, and Android Headlines.
